Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/90rplI21TdsLIpUG9USF7cTWf-I.roa
File: 90rplI21TdsLIpUG9USF7cTWf-I.roa (raw, json)
Hash identifier: ldO4+ut/ddU9vvkMaSBxCu9OBu8EIwMm1EB2QD6hwiQ=
Subject key identifier: F7:4A:E9:94:8D:B5:4D:DB:0B:22:95:06:F5:44:85:ED:C4:D6:7F:E2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E890F9A78B0D371C20EACCDF1FE4A9F5E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/90rplI21TdsLIpUG9USF7cTWf-I.roa
Signing time: Fri 29 Mar 2024 07:14:44 +0000
ROA not before: Fri 29 Mar 2024 07:14:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:89:0f:9a:78:b0:d3:71:c2:0e:ac:cd:f1:fe:4a:9f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 29 07:14:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f74ae9948db54ddb0b229506f54485edc4d67fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ba:8c:18:b0:21:94:56:f0:57:98:ed:e2:a7:
36:57:68:7f:e9:a0:6a:a1:d9:08:fa:38:86:76:19:
15:58:88:8b:1f:fd:b5:cf:0e:0a:4b:c8:1b:ba:1f:
48:d5:c1:f6:60:61:8c:43:0d:37:aa:6d:a7:fb:1a:
4f:af:84:77:c0:4a:b0:e1:89:92:c3:91:ae:0d:31:
ff:85:35:e6:23:ea:a3:f8:65:7f:11:5e:8b:e5:ef:
ed:63:c2:c2:df:36:99:ef:2a:ad:89:88:3f:bd:56:
46:bf:2e:d8:f9:c6:3e:75:03:53:87:07:a8:a0:9e:
26:2b:74:c0:d5:ec:f6:6e:5b:e2:ab:5f:5e:8a:e7:
85:c0:ad:c0:46:50:0c:13:f8:0a:e1:c3:d2:3f:38:
74:52:e1:26:1d:a1:eb:a8:3d:ba:d6:d4:c6:c2:a4:
53:fd:ba:00:c6:b6:57:bb:55:34:33:00:39:f3:6e:
ab:7e:54:11:c7:bc:d5:49:01:36:ac:ee:08:a0:bb:
7e:aa:82:fd:86:90:9d:12:10:fc:84:5d:1a:ae:e4:
36:51:51:5b:d5:c3:72:be:97:e5:4d:cd:a5:20:23:
cb:53:b7:18:c1:0e:d3:bc:b9:cc:ff:8b:80:be:e1:
de:bf:df:cf:d9:26:a5:1a:73:3d:f5:c2:20:f0:ad:
13:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4A:E9:94:8D:B5:4D:DB:0B:22:95:06:F5:44:85:ED:C4:D6:7F:E2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/90rplI21TdsLIpUG9USF7cTWf-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:6c:10:9c:7b:a3:89:0d:44:9a:c4:53:70:0a:0e:74:47:8a:
68:25:9c:fd:7f:ce:7c:51:c5:6f:78:36:15:f0:41:4d:42:19:
f8:cb:1f:0b:db:72:27:1c:80:d7:4b:69:9b:f9:29:7b:e8:c5:
05:28:96:fc:13:a6:20:96:f0:c4:7d:6c:77:09:18:b4:4f:7f:
b5:bd:05:e4:31:25:84:f9:d6:67:1e:fc:8f:94:74:99:dd:36:
73:b7:ee:9b:cb:b7:88:d4:f6:b6:74:a8:ad:d9:b1:fb:82:e1:
f5:4e:41:96:3e:03:6f:6e:30:02:c4:9a:41:0d:97:56:f1:15:
2a:ce:75:59:d9:79:18:f5:45:bb:a8:e1:25:f4:26:83:b4:25:
ce:45:3c:a9:7c:88:a6:1c:5a:73:dc:38:12:e1:9a:5e:c6:95:
9e:a2:bb:d1:ba:1a:f4:42:f7:4b:f8:9e:c7:d6:b8:6b:0e:9c:
54:3e:fc:0a:b6:4d:19:73:ae:37:a6:db:c7:ac:ac:ef:fb:99:
94:e9:18:86:8b:b5:da:2e:49:25:ea:9e:3b:65:0d:ef:34:07:
f6:f6:56:e1:14:7f:56:31:c4:9f:9e:1e:08:ba:37:fc:31:7e:
54:23:eb:40:7a:6e:b1:ab:f6:a7:d5:ca:c5:73:33:b5:d5:3f:
c5:2b:75:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6JD5p4sNNxwg6szfH+Sp9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI5MDcxNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRhZTk5NDhkYjU0ZGRiMGIyMjk1MDZmNTQ0ODVlZGM0ZDY3ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrqMGLAhlFbwV5jt4qc2V2h/6aBq
odkI+jiGdhkVWIiLH/21zw4KS8gbuh9I1cH2YGGMQw03qm2n+xpPr4R3wEqw4YmS
w5GuDTH/hTXmI+qj+GV/EV6L5e/tY8LC3zaZ7yqtiYg/vVZGvy7Y+cY+dQNThweo
oJ4mK3TA1ez2blviq19eiueFwK3ARlAME/gK4cPSPzh0UuEmHaHrqD261tTGwqRT
/boAxrZXu1U0MwA5826rflQRx7zVSQE2rO4IoLt+qoL9hpCdEhD8hF0aruQ2UVFb
1cNyvpflTc2lICPLU7cYwQ7TvLnM/4uAvuHev9/P2SalGnM99cIg8K0T+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPdK6ZSNtU3bCyKVBvVEhe3E1n/iMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOTBycGxJMjFUZHNMSXBVRzlVU0Y3Y1RXZi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHRsEJx7o4kNRJrEU3AK
DnRHimglnP1/znxRxW94NhXwQU1CGfjLHwvbciccgNdLaZv5KXvoxQUolvwTpiCW
8MR9bHcJGLRPf7W9BeQxJYT51mce/I+UdJndNnO37pvLt4jU9rZ0qK3ZsfuC4fVO
QZY+A29uMALEmkENl1bxFSrOdVnZeRj1Rbuo4SX0JoO0Jc5FPKl8iKYcWnPcOBLh
ml7GlZ6iu9G6GvRC90v4nsfWuGsOnFQ+/Aq2TRlzrjem28esrO/7mZTpGIaLtdou
SSXqnjtlDe80B/b2VuEUf1YxxJ+eHgi6N/wxflQj60B6brGr9qfVysVzM7XVP8Ur
dUk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:18 2025 by rpki-client